diff --git a/fuzzers/fuzzer_load.c b/fuzzers/fuzzer_load.c
index d277fe35cb..4b3c1f2ff3 100644
--- a/fuzzers/fuzzer_load.c
+++ b/fuzzers/fuzzer_load.c
@@ -19,6 +19,7 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include <fcntl.h>
 #include <sys/mman.h>
 #include <unistd.h>
 
@@ -41,7 +42,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
 #endif
 
     // fmemopen doesn't have associated file descriptor, so we do copy.
-    int fd = memfd_create("fuzz_mpv_load", 0);
+    int fd = memfd_create("fuzz_mpv_load", MFD_CLOEXEC | MFD_ALLOW_SEALING);
     if (fd == -1)
         exit(1);
     ssize_t written = 0;
@@ -51,6 +52,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
             exit(1);
         written += result;
     }
+    if (fcntl(fd, F_ADD_SEALS, F_SEAL_WRITE | F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_SEAL) != 0)
+        exit(1);
     if (lseek(fd, 0, SEEK_SET) != 0)
         exit(1);
     char filename[5 + 10 + 1];